"""
API 权限控制

自定义权限类，用于控制 API 访问权限
"""

from rest_framework import permissions


class IsAdminUser(permissions.BasePermission):
    """
    只允许管理员用户访问
    """
    def has_permission(self, request, view):
        return request.user and request.user.is_staff


class IsAdminOrReadOnly(permissions.BasePermission):
    """
    管理员可以进行任何操作，其他用户只读
    """
    def has_permission(self, request, view):
        if request.method in permissions.SAFE_METHODS:
            return True
        return request.user and request.user.is_staff


class IsSuperUser(permissions.BasePermission):
    """
    只允许超级管理员访问
    """
    def has_permission(self, request, view):
        return request.user and request.user.is_superuser

